Los problemas con Chromesearch.club (continuación, 26 de diciembre del 2017)
[QUOTE]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:28:20 a.m., on 24/12/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal
Running processes:
HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9666 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: (no name) - {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O3 - Toolbar: (no name) - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - (no file)
O4 - HKLM\..\Run: [cmsc] "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Clean Master Core Service (cmcore) - Cheetah Mobile,Inc. - c:\program files (x86)\cmcm\Clean Master\cmcore.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TeraCopy Service (TeraCopyService) - Code Sector - C:\Program Files\TeraCopy\TeraCopyService.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
--
End of file - 21608 bytes
[/QUOTE]
============================================================
[QUOTE]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Enterprise x64
Ran by GZN (Administrator) on 26/12/2017 at 0:44:56.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 24
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\GZN\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\reimage.ini (File)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (GZN) (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_GZN (Task)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5AVD9D55 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7141ZBTK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FOI6GDGW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GDJIRM9G (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPX9OZ9T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPF602IJ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SAJE9BKA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\GZN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSUAH7F9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5AVD9D55 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7141ZBTK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FOI6GDGW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GDJIRM9G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPX9OZ9T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPF602IJ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SAJE9BKA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSUAH7F9 (Temporary Internet Files Folder)
Registry: 4
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{BFD9D8A8-57FF-488A-B919-065EC77CF82F} (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/12/2017 at 0:55:59.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/QUOTE]
============================================================
[QUOTE]
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2017 01
Ran by GZN (26-12-2017 01:02:04)
Running from C:\Users\GZN\Downloads
Windows 7 Enterprise Service Pack 1 (X64) (2016-09-08 01:00:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3990471767-3396898492-1172087097-500 - Administrator - Disabled)
GZN (S-1-5-21-3990471767-3396898492-1172087097-1000 - Administrator - Enabled) => C:\Users\GZN
Invitado (S-1-5-21-3990471767-3396898492-1172087097-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {977BC609-CCE5-593E-B50A-E8F88416181F}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{9C40698F-A953-4658-AFF2-F7BB385A3910}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{870E5275-5457-4BBC-98C9-BFF4B70AA5D3}) (Version: 3.1.0.12 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Any Video Converter 6.2.0 (HKLM-x32\...\Any Video Converter) (Version: 6.2.0 - Anvsoft)
Argente Utilities 1.0.7.0 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.7.0 - Raúl Argente)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Clean Master (HKLM-x32\...\cmpc) (Version: 6.0 - Cheetah Mobile)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 52.0.0.4 - COMODO)
FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
Foxit PhantomPDF (HKLM-x32\...\{7BDAB862-E01F-11E7-986C-000C296BF29B}) (Version: 9.0.1.1049 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{2550a40e-aac6-4d21-9361-744d33bec573}) (Version: 3.1.0.12 - Intel)
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.1.0.19 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LSI PCI Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes versión 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8201.2213 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2213 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2213 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2213 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Skype versión 8.12 (HKLM-x32\...\Skype_is1) (Version: 8.12 - Skype Technologies S.A.)
SpyHunter4 (HKLM-x32\...\SpyHunter 4.28.5.4848) (Version: - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers1-x32: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files (x86)\cmcm\Clean Master\cmmenu.dll [2017-11-02] (Cheetah Mobile,Inc.)
ContextMenuHandlers1-x32: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => c:\program files (x86)\cmcm\Clean Master\cmmenu64.dll [2017-11-02] (Cheetah Mobile,Inc.)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ContextMenuHandlers1-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] ()
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers2-x32: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files (x86)\cmcm\Clean Master\cmmenu.dll [2017-11-02] (Cheetah Mobile,Inc.)
ContextMenuHandlers2-x32: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => c:\program files (x86)\cmcm\Clean Master\cmmenu64.dll [2017-11-02] (Cheetah Mobile,Inc.)
ContextMenuHandlers2-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ContextMenuHandlers2-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers4-x32: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files (x86)\cmcm\Clean Master\cmmenu.dll [2017-11-02] (Cheetah Mobile,Inc.)
ContextMenuHandlers4-x32: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => c:\program files (x86)\cmcm\Clean Master\cmmenu64.dll [2017-11-02] (Cheetah Mobile,Inc.)
ContextMenuHandlers4-x32: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers4-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-26] ()
ContextMenuHandlers4-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] ()
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] ()
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1FE097EB-33B7-40B3-9278-DD731C98AC25} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {29B72C86-9411-44E2-95E8-A7B2D73CCD7B} - \Harft Asterce Maker -> No File <==== ATTENTION
Task: {31DF34E3-DA5F-4EA4-AF13-929E4CA2A0D5} - System32\Tasks\Start Media Convert => C:\Windows\system32\rundll32.exe "C:\Program Files\Start Media Convert\Start Media Convert.dll",mjYddJKASS <==== ATTENTION
Task: {4CC7FDFA-12A9-4746-B2B3-CFB9876E1085} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {57F606F0-3E0A-4328-B0F9-326A0B19D743} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-22] (Microsoft Corporation)
Task: {5826DE77-7692-4297-B2A8-5FCA283B0346} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-22] (Microsoft Corporation)
Task: {58C449C9-F493-4AFC-8DFB-C9E60A6CA87F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {6139D3CB-5CF6-4695-BE96-1FC66D3F9A21} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {8938B441-902E-425B-BB5C-228F1936B1D3} - System32\Tasks\ASCU10_SkipUac_GZN => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: {9250760B-CFD2-43AF-80BC-9C69DD44C805} - System32\Tasks\SpyHunter4Startup => C:\Program Files\SpyHunter\SpyHunter4.exe [2017-08-12] (Enigma Software Group USA, LLC.)
Task: {A1FCBBB6-832C-4DA6-A74D-95571C8E07C1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-02] (Microsoft Corporation)
Task: {ABBAC39C-3338-4777-9487-81A664A792FB} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3990471767-3396898492-1172087097-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2017-12-10] (Mega Limited)
Task: {B32C3848-4127-4C7D-B5B0-264DC86F2612} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {BDF089A4-3A5C-48AF-8036-6FCB58184F03} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-02] (Microsoft Corporation)
Task: {BE90BBAE-D345-4391-9DD3-B0B33D554705} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {CF34B376-F3B2-49A8-9474-9B396479B95F} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {D540E475-4068-43C9-8455-EE03F6A07BEC} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-21] (@ByELDI)
Task: {F1B00960-058A-41FB-A884-AB187F6ED036} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {FE23729E-0B97-497E-9880-A0C6D03E513B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Start Media Convert.job => rundll32.exe C:\Program Files\Start Media Convert\Start Media Convert.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\GZN\Downloads\Selling Heels Tacones en Venta, negros.lnk -> hxxp://i397.photobucket.com/albums/pp57/Akashi-Moka/Selling%20Heels%20-_-%20Tacones%20en%20Venta/Hollywood%20black%20heels%20-%20Zapatillas%20negras%20Hllwd/Zapatos-Negros-en-Satin-Hollywood-Monroe-1-3-big-1-www-fusiones-kingeshop-com1.jp
==================== Loaded Modules (Whitelisted) ==============
2017-06-07 14:09 - 2017-11-26 11:45 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2017-03-07 12:13 - 2017-09-26 22:15 - 008931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-08-14 10:05 - 2017-08-14 10:05 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-11-03 21:14 - 2016-12-07 16:40 - 003681104 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2017-12-15 14:42 - 2012-08-31 15:03 - 000288768 _____ () C:\Windows\System32\HP1100LM.DLL
2017-12-15 14:43 - 2012-08-31 15:02 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2017-03-07 19:04 - 2017-03-07 19:04 - 000157456 _____ () C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
2017-12-11 19:38 - 2017-03-07 19:15 - 000824592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-12-11 19:38 - 2017-03-07 19:18 - 001981712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-12-11 19:38 - 2017-03-07 19:10 - 000248080 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-12-11 19:38 - 2017-03-07 19:09 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll
2017-12-11 19:38 - 2017-03-07 19:10 - 000175376 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-12-11 19:38 - 2017-03-07 19:09 - 000204048 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll
2017-12-11 19:38 - 2017-03-07 19:08 - 000337680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-12-11 19:38 - 2017-03-07 19:05 - 000148240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-12-11 19:38 - 2017-03-07 19:05 - 000178448 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_acdc_setting_input.dll
2017-12-11 19:38 - 2017-03-07 19:10 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-12-11 19:38 - 2017-03-07 19:06 - 000229648 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll
2017-12-11 19:38 - 2017-03-07 19:07 - 000225040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-12-11 19:38 - 2017-03-07 19:05 - 000212752 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll
2017-12-11 19:38 - 2017-03-07 19:07 - 000220432 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2017-12-15 15:21 - 2017-12-13 20:49 - 002873688 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\swiftshader\libglesv2.dll
2017-12-15 15:21 - 2017-12-13 20:49 - 000137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\swiftshader\libegl.dll
2017-12-12 12:02 - 2017-12-01 11:13 - 031239168 _____ () C:\Users\GZN\AppData\Local\Google\Chrome\User Data\PepperFlash\28.0.0.126\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\...\1001movie.com -> 1001movie.com
There are 7519 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2017-07-10 20:58 - 000001129 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 beautifllink.xyz
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GZN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: ftpsvc => 2
MSCONFIG\Services: i2p => 2
MSCONFIG\Services: IceDragonUpdater => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^GZN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: 5a712307fa1e2cbcc5e79fcd80d9f09d => "C:\Users\GZN\AppData\Local\Temp\systm.exe" ..
MSCONFIG\startupreg: DSATray => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
MSCONFIG\startupreg: SendAnywhereBeta => C:\Program Files (x86)\Send Anywhere Beta\Send Anywhere Beta.exe --tray
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BC57F96-2FE5-4BB9-B0ED-E5FD29A1C58A}] => (Allow) C:\Users\GZN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65F91EA6-A2AA-4D38-B266-EAF78DDB9A2B}] => (Allow) C:\Users\GZN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B4835B7-EF12-4E64-B60D-4902059E717E}] => (Allow) C:\Users\GZN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{81EC9AC7-5E7B-4CBD-9480-C86763EF54D4}] => (Allow) C:\Users\GZN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A60F331D-B53B-4333-8349-4C63884783A9}] => (Allow) C:\Users\GZN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7E017C8B-C2F6-48D1-9774-78F7E287599F}] => (Allow) C:\Users\GZN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{109712DF-3776-4B1C-9A1E-0C02A2305487}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{448A54F0-4824-4E56-9067-B5AA6DF94846}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{9B9EB53C-3DA2-427F-A78A-EDF0C31CB6F4}] => (Allow) LPort=1688
FirewallRules: [{E75308F1-6448-413E-A567-A4F0359B3590}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{F908ABE0-A293-436C-B6D5-57D1CE96FBB7}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{4A0417BA-51A2-40DB-8552-93754F2EE3E2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{BD8F577D-6B79-4FD9-B183-35564BEC3413}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{BEE86CF5-A651-4593-8F8D-541925F86F50}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{E04B9172-B610-4775-8C8C-EE68444DFA6A}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{91A3DD7A-B1A5-430A-B06B-CC59C3CEE6B3}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{2CDAF345-8152-4EB9-B329-1D2F8F48636D}] => (Block) LPort=445
FirewallRules: [{CD5AB03C-27CA-43EC-8C2A-0698E646EF4F}] => (Block) LPort=445
FirewallRules: [{B34B1806-66DD-4641-8FF4-8018099C1AB0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{12AF35EB-4DC9-475F-9775-49799BA64215}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{5B3E8685-1D6D-436C-A21A-F97F529115A1}C:\program files (x86)\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files (x86)\foxit software\pdf editor\pdfedit.exe
FirewallRules: [UDP Query User{32E2EDE7-17A1-4D12-90A6-9B79D321F01A}C:\program files (x86)\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files (x86)\foxit software\pdf editor\pdfedit.exe
FirewallRules: [{6CD2DC14-6D3C-488E-B970-ABDE041642D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{84FD34AC-9B3B-4E9E-8506-9E45D7B3B692}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe
FirewallRules: [{26044E43-CB90-4D5F-8CA0-54A68CE228BF}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe
FirewallRules: [{84C6C837-E679-4D28-AA8A-4C477D5D2106}] => (Allow) LPort=9100
FirewallRules: [{42B86865-CAE6-40C7-A6E8-682964EBAA1A}] => (Allow) LPort=427
FirewallRules: [{EA836F6F-FC25-4724-B9AA-4818FB3102FC}] => (Allow) LPort=161
FirewallRules: [{FFEF285E-62D1-4AD6-B7A9-B47FF12815FF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{D0C976A6-3830-4ACB-9BC1-78C69128392F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{B8A39FBE-65DA-48B3-A0F2-C48DB10EAE99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BDA372D7-3B02-46A6-B8BB-8D13F33496DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1ABDB1F4-60EE-4670-A9F9-13A3F2B37382}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BE4CF344-658D-4532-BDD5-105878905219}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2609A5DE-6F08-432E-8BFE-22406AAE5BED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{10D0A211-824E-46FF-A2A4-855C9F172B97}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{10914EC9-BC02-4DBD-BCFF-C12C5490CC0F}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
==================== Restore Points =========================
23-12-2017 15:15:14 Removed Foxit PhantomPDF
26-12-2017 00:01:54 Windows Update
26-12-2017 00:17:05 Installed Foxit PhantomPDF
26-12-2017 00:45:01 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2017 12:39:45 AM) (Source: ESENT) (EventID: 104) (User: )
Description: taskhost (1776) WebCacheLocal: El motor de base de datos detuvo la instancia (0) con el error (-510).
Error: (12/26/2017 12:39:45 AM) (Source: ESENT) (EventID: 492) (User: )
Description: taskhost (1776) WebCacheLocal: La secuencia de archivos de registro de "C:\Users\GZN\AppData\Local\Microsoft\Windows\WebCache\" se interrumpió por un error grave. No será posible realizar futuras actualizaciones en las bases de datos que utilicen esta secuencia de archivos de registro. Corrija el problema y reinicie, o restaure desde una copia de seguridad.
Error: (12/26/2017 12:39:45 AM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost (1776) WebCacheLocal: No se puede crear un nuevo archivo de registro, la base de datos no puede escribir en la unidad de registro. Puede que la unidad sea de sólo lectura, no tenga espacio disponible, esté incorrectamente configurada o esté dañada. Error -1811.
Error: (12/26/2017 12:39:45 AM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost (1776) WebCacheLocal: Al intentar mover el archivo "C:\Users\GZN\AppData\Local\Microsoft\Windows\WebCache\V01.log" a C:\Users\GZN\AppData\Local\Microsoft\Windows\WebCache\V0100022.log se produjo el error de sistema 2 (0x00000002): "El sistema no puede encontrar el archivo especificado. ". La operación para mover el archivo se cerrará con el error -1811 (0xfffff8ed).
Error: (12/23/2017 03:15:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddWin32ServiceFiles: Unable to back up image of service Windows SysSecure Service since QueryServiceConfig API failed
System Error:
El sistema no puede encontrar el archivo especificado.
.
Error: (12/23/2017 12:51:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: inkview.exe, versión: 0.92.2.0, marca de tiempo: 0x00000000
Nombre del módulo con errores: libwinpthread-1.dll, versión: 1.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000002c0c
Id. del proceso con errores: 0x738
Hora de inicio de la aplicación con errores: 0x01d37bba77358c04
Ruta de acceso de la aplicación con errores: C:\Program Files\Inkscape\inkview.exe
Ruta de acceso del módulo con errores: C:\Program Files\Inkscape\libwinpthread-1.dll
Id. del informe: bb0f678b-e7ad-11e7-96c4-001320463a68
Error: (12/22/2017 10:14:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_Power, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23915, marca de tiempo: 0x59b94ee4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000004dd25
Id. del proceso con errores: 0x2a8
Hora de inicio de la aplicación con errores: 0x01d37b3fa2cdeefc
Ruta de acceso de la aplicación con errores: C:\Windows\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 25d49e0a-e733-11e7-9d31-001320463a68
Error: (12/20/2017 01:41:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Explorer.EXE, versión 6.1.7601.23537, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 142c
Hora de inicio: 01d37963f981cc6d
Hora de finalización: 0
Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE
Identificador de informe: 1b645621-e559-11e7-82af-001320463a68
Error: (12/20/2017 01:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.1.7601.23537, marca de tiempo: 0x57c44efe
Nombre del módulo con errores: EXPLORERFRAME.dll, versión: 6.1.7601.23893, marca de tiempo: 0x599313fc
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000002f047
Id. del proceso con errores: 0x63c
Hora de inicio de la aplicación con errores: 0x01d376a4d8f7b615
Ruta de acceso de la aplicación con errores: C:\Windows\Explorer.EXE
Ruta de acceso del módulo con errores: C:\Windows\system32\EXPLORERFRAME.dll
Id. del informe: 2c2abf42-e557-11e7-82af-001320463a68
Error: (12/19/2017 09:06:36 PM) (Source: ESENT) (EventID: 104) (User: )
Description: DllHost (4432) WebCacheLocal: El motor de base de datos detuvo la instancia (0) con el error (-510).
System errors:
=============
Error: (12/26/2017 12:13:56 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Instalador de módulos de Windows, pero ocurrió el siguiente error:
Ya se está ejecutando una instancia de este servicio.
Error: (12/26/2017 12:12:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (12/26/2017 12:11:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Error: (12/25/2017 11:46:36 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80070422" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.
Error: (12/25/2017 11:46:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (12/24/2017 12:48:50 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80070422" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.
Error: (12/24/2017 11:53:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.
Error: (12/24/2017 11:51:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ShellHWDetection.
Error: (12/24/2017 11:49:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Energy Server Service queencreek no respondió después de iniciar.
Error: (12/24/2017 11:45:24 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80070422" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.
CodeIntegrity:
===================================
Date: 2017-12-25 23:44:17.890
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-25 23:44:17.484
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-24 11:42:49.406
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-24 11:42:49.046
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-23 18:38:15.484
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-23 18:38:15.078
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-22 22:27:36.500
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-22 22:27:36.140
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-22 22:15:13.125
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2017-12-22 22:15:12.796
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\agrsm64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 69%
Total physical RAM: 3190.8 MB
Available physical RAM: 976.39 MB
Total Virtual: 6379.79 MB
Available Virtual: 3948.06 MB
==================== Drives ================================
Drive c: (Windows7ult) (Fixed) (Total:120 GB) (Free:24.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Respaldo-1) (Fixed) (Total:345.76 GB) (Free:279.09 GB) NTFS
Drive e: (Anime-Sat) (Fixed) (Total:931.51 GB) (Free:147.98 GB) NTFS
Drive g: (Respaldo-2) (Fixed) (Total:149.05 GB) (Free:105.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9A1A7428)
Partition 1: (Not Active) - (Size=345.8 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=120 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7F8DD8E6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
[/QUOTE]
============================================================
[QUOTE]#
AdwCleaner 7.0.6.0 - Logfile created on Tue Dec 26 07:32:10 2017
# Updated on 2017/21/12 by Malwarebytes
# Database: 12-26-2017.1
# Running on Windows 7 Enterprise (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
PUP.Optional.SpyHunter, SpyHunter 4 Service
***** [ Folders ] *****
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\ProgramData\Application Data\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\All Users\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\GZN\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\GZN\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy, C:\ProgramData\IObit\ASCDownloader
PUP.Optional.Legacy, C:\ProgramData\Application Data\IObit\ASCDownloader
PUP.Optional.Legacy, C:\Users\All Users\IObit\ASCDownloader
PUP.Optional.SpyHunter, C:\Users\GZN\AppData\Roaming\Enigma Software Group
PUP.Optional.SpyHunter, C:\sh4ldr
PUP.Optional.SpyHunter, C:\Program Files\spyhunter
PUP.Optional.SpyHunter, C:\Program Files\SpyHunter
PUP.Optional.SpyHunter, C:\sh4ldr
***** [ Files ] *****
PUP.Optional.SpyHunter, C:\Windows\System32\drivers\EsgScanner.sys
PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys
PUP.Optional.SpyHunter, C:\spyhunter.log
PUP.Optional.SpyHunter, C:\sh4_service.log
PUP.Optional.SpyHunter, C:\shldr.mbr
PUP.Optional.SpyHunter, C:\shldr
PUP.Optional.SpyHunter, C:\Windows\System32\drivers\EsgScanner.sys
PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys
PUP.Optional.SpyHunter, C:\shldr.mbr
PUP.Optional.SpyHunter, C:\sh4_service.log
PUP.Optional.SpyHunter, C:\spyhunter.log
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
PUP.Optional.SpyHunter, SpyHunter4Startup
PUP.Optional.SpyHunter, SpyHunter4Startup
***** [ Registry ] *****
Adware.Elex, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | SNARE
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IOBIT\ASC
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IObit\RealTimeProtector
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\reimageplus.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\reimageplus.com
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E04B9172-B610-4775-8C8C-EE68444DFA6A}
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {91A3DD7A-B1A5-430A-B06B-CC59C3CEE6B3}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKLM\SOFTWARE\Reimage
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-3990471767-3396898492-1172087097-1000\Software\Reimage
PUP.Optional.Reimage, [Key] - HKCU\Software\Reimage
PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy, Plugin found: Chrome Cleaner Pro -
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [1297 B] - [2017/1/13 4:44:29]
C:/AdwCleaner/AdwCleaner[C2].txt - [1400 B] - [2017/2/22 1:26:29]
C:/AdwCleaner/AdwCleaner[C3].txt - [4887 B] - [2017/4/24 3:43:47]
C:/AdwCleaner/AdwCleaner[C4].txt - [2136 B] - [2017/4/24 20:2:59]
C:/AdwCleaner/AdwCleaner[C5].txt - [3403 B] - [2017/4/25 7:18:15]
C:/AdwCleaner/AdwCleaner[C6].txt - [3815 B] - [2017/5/4 8:37:27]
C:/AdwCleaner/AdwCleaner[C7].txt - [3308 B] - [2017/5/17 23:49:36]
C:/AdwCleaner/AdwCleaner[C8].txt - [2605 B] - [2017/6/24 2:44:50]
C:/AdwCleaner/AdwCleaner[S0].txt - [1583 B] - [2017/1/13 4:40:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1689 B] - [2017/2/22 1:26:14]
C:/AdwCleaner/AdwCleaner[S2].txt - [5143 B] - [2017/4/24 3:40:21]
C:/AdwCleaner/AdwCleaner[S3].txt - [2350 B] - [2017/4/24 20:2:23]
C:/AdwCleaner/AdwCleaner[S4].txt - [3439 B] - [2017/4/25 7:17:14]
C:/AdwCleaner/AdwCleaner[S5].txt - [3747 B] - [2017/5/4 8:36:23]
C:/AdwCleaner/AdwCleaner[S6].txt - [3395 B] - [2017/5/17 18:43:42]
C:/AdwCleaner/AdwCleaner[S7].txt - [4383 B] - [2017/6/24 2:38:48]
C:/AdwCleaner/AdwCleaner[S8].txt - [2816 B] - [2017/6/24 2:44:7]
########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt ##########
[/QUOTE]
-Articulos de internet que me han parecido Interesantes.-
-Gustos que tengo desde tiempo atrás.-
-Intereses que comparto.- -Artículos que me han parecido interesantes, o buenos.-
-Aficiones que muestran una parte de lo que me gusta.- -Una de las cosas de la que soy una Fan.-
Suscribirse a:
Comentarios de la entrada (Atom)
¡RIP Funimation! - Fallece Funimation - Se muere Funimation
¡RIP Funimation! ¿Cuál es tú reacción a la noticia? Todos sabíamos que vendría, pero la noticia de que Sony está poniendo fin formalmente a ...
-
1º Te descargas esto (por ejemplo, puedes descargar lo que quieras, pero este es el más rápido) por el enlace de mega que hay en [0000-SSKY...
-
Solo son los links donde puedes hallarlos, no significa que TODOS los links vayan a estar activos, deberás revisarlos para conocer cuales es...
-
Todos los discos han sido añadidos a una sola carpeta y dentro de esa carpeta están las carpetas individuales en formato de WINRAR . Al fina...
No hay comentarios.:
Publicar un comentario